Ryzom Forge meeting report – 04 October 2021
Ulukyn
I'm going to review the migration and the patching that went on.
We had planned to migrate the very old web server that contained the webig and nevrax tools to a new fresh server.
In order to minimize the problems, it was agreed to migrate only the database (step 1), upgrade the server to a ubuntu version still in LTS (16.04) at least (step 2).
Then on the server me.ryzom.com make a copy of the apps and test them in php 7 (step 3).
Finally when everything would be ok, we would switch app.ryzom.com on me.ryzom.com (step 4).
Then finally a new server will come to add the replication in case it is necessary to switch services (step 5).
Well ... All this was without anticipating that the web server would fail.
This forced us to finally do steps 1 to 5 in 24 hours.
So, report of the operations :
All our servers are currently running Ubuntu 20.04.
The old web server is going to leave us (but no one is going to mourn it ...).
We have the main applications running without major errors (quite a few warnings that we will correct as we go along).
But overall, it's a very good thing done and no more big migrations are planned.
The next updates will be done during a reboot on the Atys server so that the game will not be blocked anymore.
So for the migration, we are not bad.
If there are any questions about this, don't hesitate.
Q : We have just seen that a server failure can always happen. However, as I understand it, there are not enough servers to ensure true redundancy.
Is this taken into account in the BCP/DRP ? In fact, is there such a thing as BCP/DRP ?
Not everyone is familiar with the technical terms, can you rephrase ?
Business continuity plan / disaster recovery plan : basically, the crisis management plan.
(Cf. SGDSN guide on the topic).
A : The database will be replicated with me.ryzom.com, the code too.
app.ryzom.com and me.ryzom.com will be mirrored in order to take over in case of.
All via ip failover to not have to wait for DNS propagation.
Ulukyn
If no other questions we can move on to the patch.
There is still a problem to fix concerning the occupations of the Kitin Lair which are bugged.
This will be solved soon, but we don't know if it'll be necessary to patch and reboot the server or not.
We'll keep you informed.
Boss refactoring has been fixed at launch and for the moment is running normally.
If all goes well, at the next reboot/patch we will apply the system to all Atys.
Q : When will that be estimated ?
A : Difficult to say, it will be necessary to adjust this according to the feedback of Boss Refactoring and the events of Anlor Winn.
Also missing are the icons for the Marauder mini camps (which will be added without needing a patch).
Q : If the old Boss system has a minimum respawn time of ~2 days, what's the minimum respawn time for the current new Boss system ?
A : Very good question ...
It is exactly of ...
Damn ... They deleted my post !
Well, too bad !
Q : Good evening. The wheel had problems, is it spining correctly ? And above all to bring back prizes ?
A : Yes. According to my tests, it is good.
I have added the id and the name of the items that we win in the info system.
If the wheel is blocked or an item is not won, just send us the screenshot of the info system.
Q : Does it work when you win a whole furniture too ? I feel like I've never been able to recuperate them.
The Id of the item, it also works for the complete pieces of furniture that we win at the wheel ?
A : Yes. So if it bugs, I'll know which item.
Ulukyn
If no other questions, openssl ?
I know everyone is looking forward to this topic.
So, to put it simply, our clients are no longer compatible with a modification of the let's encrypt certificates.
Which remains one of the major authorities for providing ssl certificates.
To understand : it is thanks to them that we secure our websites in https.
And as a result clients are no longer able to access https sites that have a let's encrypt certificate (which is the case for our servers).
There is a configuration that allows to keep compatibility with clients using openssl 1.0 (so the old version).
This is what we did while waiting to update the clients.
Currently we are testing Windows 64 bits and Linux 64 bits clients with openssl 3.0 and no major issues.
We will apply the same modification to Steam and Macos versions.
If you are hosting webig apps that are no longer accessible from the game, you can come see me and I will help you configure your server to enable compatibility (this is a certbot option).
Well, it's still under discussion but we wonder if we will continue to maintain 32 bits versions under Linux (and Windows).
There are really very few people left on 32 bits configuration.
Q : Your last sentence let me suppose that I have my answer : is there a volume of Windows (7, 8, 10), Linux (I don't make the list), MacOS clients with 32 or 64 bits precision ?
Without revealing it to us of course. Or percentages, maybe ?
A : We use Steam's stats as a basis, but we don't have this kind of information on our side.
MacOS it's easy : there are no more 32 bits clients for years.
Q : My new laptop that is Windows 10 will only run ryzom on 32 bits config so what will happen to that ?
I had to go into advanced config and choose 32 bits, to make it work.
A : The OS is 32 bits ?
So we have at least one player still in 32 bits.
We can talk about it again in private message, it can be interesting to know what forces the use of 32 bits.
Q : Hum, why openSSL 3.0, and not 1.1 ? 3.0 seems a bit too experimental, for now.
A : It has been stable since September 7.
It is only used with curl in a very basic way.
Q : If I may interject, that wasn't a change in let's encrypt certificates : one of their root certificate expired, which is quite different.
All the certificates were cross-signed and therefore there was another path to valid root.
As far as I know the issue was that old versions of OpenSSL have troubles finding this alternate path.
New certificates shouldn't have this issue, therefore a quick workaround could be to rotate the certificates before their expiration date.
That's not perfect because each app would have to do so, but it seems better that whatever hack.
By the way, there is better ACME client than certbot, but this is a different topic.
A : We based this information on : https://openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpir e/ .
And indeed, an openssl 1.0.2 client doesn't work, if you upgrade it to openssl 3.0 it works.
A : Yes, that's what I explained.
A : Ah ok, great then !
This meeting is quite technical !
Now the last topic : recruitment.
Support Team
The Support team continues its recruitment campaign.
We need you, your availability, your technical knowledge and gameplay of the game but also your diplomacy, to expand our ranks and best meet the expectations of players.
To learn more, please see this post : https://app.ryzom.com/app_forum/index.php?page=topic/view/22047/2 #2 .
To apply, contact Tamarea exclusively at tamarea@ryzom.com
Event team
We're looking for volunteers who want to help write event scripts, or who want to become actors by playing a character in the events we play.
Training is provided, and entry into acting is done very gradual to allow time for the recruit to get his bearings.
To apply, contact Tamarea exclusively at tamarea@ryzom.com
Translation Team
We are looking for volunteers to translate in-game texts and official announcements into English, German, Spanish, Russian, French, and to proofread texts.
To apply, contact Tamarea exclusively at tamarea@ryzom.com
---
Jadeyn | Senior Game Master | Polyglot/MultilingualRyzom Support Team